US-6732269

Methods, systems and computer program products for enhanced security identity utilizing an SSL proxy

Published: May 4, 2004
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have
Technical Abstract

Methods, systems and computer program products are provided which communicate between client applications and a transaction server by establishing a persistent secure connection between the transaction server and a Secure Socket Layer (SSL) proxy server. A first session specific SSL connection, different from the persistent secure connection, is also established between a first client application and the SSL proxy server. Communications between the first client application and the SSL proxy server transmitted over the first session specific SSL connection are then forwarded with the client's identity preserved to the transaction server over the persistent secure connection. Furthermore, a second session specific SSL connection between a second client application and the SSL proxy server may also be established and the communications between the second client application and the SSL proxy server transmitted over the second session specific SSL connection are forwarded to the transaction server over the persistent secure connection. Preferably, the persistent secure connection is an SSL connection.
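
An added illustration, not part of the patent or of any implementation it describes: a Python sketch of the proxy tagging each client's traffic with the identity taken from its SSL session and multiplexing it onto one persistent connection, which the transaction server then splits back apart (the message-header variant of claims 4 and 5). The frame layout, the function names and the CN= identity strings are assumptions made for this example, and the connections are represented as byte strings.

```python
import struct
from collections import defaultdict

# Frame layout (assumed for this sketch): session id, identity length,
# payload length, followed by the identity bytes and the payload bytes.
HEADER = struct.Struct("!IHI")

def encode_frame(session_id: int, client_id: str, payload: bytes) -> bytes:
    """Proxy side: prepend the identity taken from the client's SSL session."""
    ident = client_id.encode("utf-8")
    return HEADER.pack(session_id, len(ident), len(payload)) + ident + payload

def decode_frames(stream: bytes):
    """Transaction-server side: split the multiplexed byte stream into frames."""
    offset = 0
    while offset < len(stream):
        if len(stream) - offset < HEADER.size:
            raise ValueError("truncated frame header")
        session_id, id_len, body_len = HEADER.unpack_from(stream, offset)
        offset += HEADER.size
        end = offset + id_len + body_len
        if end > len(stream):
            raise ValueError("truncated frame body")
        ident = stream[offset:offset + id_len].decode("utf-8")
        payload = stream[offset + id_len:end]
        offset = end
        yield session_id, ident, payload

def demultiplex(stream: bytes) -> dict:
    """Group payloads by (session, identity) as asserted by the proxy."""
    by_client = defaultdict(list)
    for session_id, ident, payload in decode_frames(stream):
        by_client[(session_id, ident)].append(payload)
    return dict(by_client)

def build_sample_stream() -> bytes:
    # Constructed sample: two client sessions interleaved on one connection.
    # The second client's payload claims another identity; the frame header,
    # filled in by the proxy from the SSL session, is what the server trusts.
    return b"".join([
        encode_frame(1, "CN=alice", b"BALANCE?"),
        encode_frame(2, "CN=bob", b"X-Client-Id: CN=alice\r\nTRANSFER 100"),
        encode_frame(1, "CN=alice", b"LOGOFF"),
    ])

if __name__ == "__main__":
    for key, msgs in demultiplex(build_sample_stream()).items():
        print(key, msgs)
```

Because the identity travels in a length-prefixed header written by the proxy, identity-looking text inside a client's payload stays payload and is attributed to the session it arrived on.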

Patent Claims
29 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method of communicating between client applications and a transaction server, comprising: establishing a persistent secure connection between the transaction server and a Secure Socket Layer (SSL) proxy server; establishing a first session specific SSL connection, different from the persistent secure connection, between a first client application and the SSL proxy server; forwarding communications between the first client application and the SSL proxy server transmitted over the first session specific SSL connection to the transaction server over the persistent secure connection; and forwarding client identification information received by the SSL proxy server to the transaction server so as to maintain an association of the client identification information with the forwarded communications between the first client application and the SSL proxy server.

2. A method according to claim 1, further comprising the steps of: establishing a second session specific SSL connection between a second client application and the SSL proxy server; and forwarding communications between the second client application and the SSL proxy server transmitted over the second session specific SSL connection to the transaction server over the persistent secure connection.

3. A method according to claim 1, wherein the step of forwarding client identification information comprises the step of providing first client identification information extracted from the communications in a message transmitted to the transaction server over the persistent secure connection.

4. A method according to claim 3, wherein the step of providing first client identification information comprises the steps of: incorporating the first client identification information as a message header of the message; and transmitting the message with the message header to the transaction server over the persistent secure connection.

5. A method according to claim 4, further comprising the steps of: receiving the message transmitted over the persistent secure connection; extracting from the message the first client identification information and content information from the communications; and providing the first client identification information and the extracted content information to a transaction server.

6. A method according to claim 1, wherein the step of forwarding client identification information comprises the step of: establishing a second connection between the SSL proxy server and the transaction server; extracting first client identification information and content information from the communications; transmitting the first client identification information to the transaction server over the second connection; and transmitting the content information to the transaction server over the persistent secure connection.

7. A method according to claim 6, further comprising the steps of: receiving the content information transmitted over the persistent secure connection; receiving the first client identification information transmitted over the second connection; and providing the first client identification and the content information to a transaction server.

8. A method according to claim 1, wherein the persistent secure connection is an SSL connection.

9. A system for communicating with client applications, comprising: a transaction server; an SSL proxy server operable for establishing Secure Socket Layer (SSL) connections with the client applications and for providing client identification information to the transaction server; a persistent secure connection between the SSL proxy server and the transaction server over which communications received over the SSL connections with the client applications are multiplexed.

10. A system according to claim 9, wherein the persistent secure connection comprises an SSL connection between the SSL proxy server and the transaction server.

11. A system according to claim 9, wherein the SSL proxy server multiplexes communications from the client applications onto the persistent secure connection and de-multiplexes communications from the persistent secure connection onto the SSL connections with the client applications.

12. A system according to claim 9, further comprising a second connection between the SSL proxy server and the transaction server operable to provide client identification information associated with communications over the persistent secure connection to the transaction server.

13. A system according to claim 12, wherein the second connection comprises a persistent connection.

14. A system according to claim 13, wherein the transaction server further comprises means for matching client identification information received over the second connection with the associated communications received over the persistent secure connection to provide the client identification and the associated communications received over the persistent secure connection to a server application.

15. A system for communicating between client applications and a transaction server, comprising: means for establishing a persistent secure connection between the transaction server and a Secure Socket Layer (SSL) proxy server; means for establishing a first session specific SSL connection, different from the persistent secure connection, between a first client application and the SSL proxy server; means for forwarding communications between the first client application and the SSL proxy server transmitted over the first session specific SSL connection to the transaction server over the persistent secure connection; and means for forwarding client identification information received by the SSL proxy server to the transaction server so as to maintain an association of the client identification information with the forwarded communications between the first client application and the SSL proxy server.

16. A system according to claim 15, further comprising: means for establishing a second session specific SSL connection between a second client application and the SSL proxy server; and means for forwarding communications between the second client application and the SSL proxy server transmitted over the second session specific SSL connection to the transaction server over the persistent secure connection.

17. A system according to claim 15, wherein the means for forwarding client identification information comprises means for providing first client identification information extracted from the communications in a message transmitted to the transaction server over the persistent secure connection.

18. A system according to claim 17, wherein the means for providing first client identification information comprises: means for incorporating the first client identification information as a message header of the message; and means for transmitting the message with the message header to the transaction server over the persistent secure connection.

19. A system according to claim 18, further comprising: means for receiving the message transmitted over the persistent secure connection; means for extracting from the message the first client identification information and content information from the communications; and means for providing the first client identification information and the extracted content information to a transaction server.

20. A system according to claim 15, wherein the means for forwarding client identification information comprises: means for establishing a second connection between the SSL proxy server and the transaction server; means for extracting first client identification information and content information from the communications; means for transmitting the first client identification information to the transaction server over the second connection; and means for transmitting the content information to the transaction server over the persistent secure connection.

21. A system according to claim 20, further comprising: means for receiving the content information transmitted over the persistent secure connection; means for receiving the first client identification information transmitted over the second connection; and means for providing the first client identification and the content information to a transaction server.

22. A system according to claim 15, wherein the persistent secure connection is an SSL connection.

23. A computer program product for communicating between client applications and a transaction server, comprising: a computer readable storage medium having computer readable program code embodied in said medium, said computer readable program code comprising: computer readable program code for establishing a persistent secure connection between the transaction server and a Secure Socket Layer (SSL) proxy server; computer readable program code for establishing a first session specific SSL connection, different from the persistent secure connection, between a first client application and the SSL proxy server; computer readable program code for forwarding communications between the first client application and the SSL proxy server transmitted over the first session specific SSL connection to the transaction server over the persistent secure connection; and computer readable program code for forwarding client identification information received by the SSL proxy server to the transaction server so as to maintain an association of the client identification information with the forwarded communications between the first client application and the SSL proxy server.

24. A computer program product according to claim 23, further comprising: computer readable program code for establishing a second session specific SSL connection between a second client application and the SSL proxy server; and computer readable program code for forwarding communications between the second client application and the SSL proxy server transmitted over the second session specific SSL connection to the transaction server over the persistent secure connection.

25. A computer program product according to claim 23, wherein the computer readable program code for forwarding client identification information comprises computer readable program code for providing first client identification information extracted from the communications in a message transmitted to the transaction server over the persistent secure connection.

26. A computer program product according to claim 25, wherein the computer readable program code for providing first client identification information comprises: computer readable program code for incorporating the first client identification information as a message header of the message; and computer readable program code for transmitting the message with the message header to the transaction server over the persistent secure connection.

27. A computer program product according to claim 26, further comprising: computer readable program code for receiving the message transmitted over the persistent secure connection; computer readable program code for extracting from the message the first client identification information and content information from the communications; and computer readable program code for providing the first client identification information and the extracted content information to a transaction server.

28. A computer program product according to claim 23, wherein the computer readable program code for forwarding client identification information comprises: computer readable program code for establishing a second connection between the SSL proxy server and the transaction server; computer readable program code for extracting first client identification information and content information from the communications; computer readable program code for transmitting the first client identification information to the transaction server over the second connection; and computer readable program code for transmitting the content information to the transaction server over the persistent secure connection.

29. A computer program product according to claim 23, further comprising: computer readable program code for receiving the content information transmitted over the persistent secure connection; computer readable program code for receiving the first client identification information transmitted over the second connection; and computer readable program code for providing the first client identification and the content information to a transaction server.

30. A computer program product according to claim 23, wherein the persistent secure connection is an SSL connection.

Patent Metadata

Filing Date: October 1, 1999
Publication Date: May 4, 2004

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “Methods, systems and computer program products for enhanced security identity utilizing an SSL proxy” (US-6732269). https://patentable.app/patents/US-6732269
